Bump the non-major-versions group with 13 updates #276

Forwarded Headers Middleware: Ignore X-Forwarded-Headers from Unknown Proxy (#61623)
The Forwarded Headers Middleware now ignores X-Forwarded-Headers sent from unknown proxies. This change improves security by ensuring that only trusted proxies can influence the forwarded headers, preventing potential spoofing or misrouting of requests.

Dependency Updates

Update dependencies from dotnet/arcade (#61832)
This update brings in the latest changes from the dotnet/arcade repository, ensuring that ASP.NET Core benefits from recent improvements, bug fixes, and security patches in the shared build infrastructure.
Bump src/submodules/googletest from 52204f7 to 04ee1b4 (#61761)
The GoogleTest submodule has been updated to a newer commit, providing the latest testing features, bug fixes, and performance improvements for the project's C++ test components.

Miscellaneous

Update branding to 8.0.17 (#61830)
The project version branding has been updated to reflect the new 8.0.17 release, ensuring consistency across build outputs and documentation.
Merging internal commits for release/8.0 (#61924)
This change merges various internal commits into the release/8.0 branch, incorporating minor fixes, documentation updates, and other non-user-facing improvements to keep the release branch up to date.

This summary is generated and may contain inaccuracies. For complete details, please review the linked pull requests.

Full Changelog: dotnet/aspnetcore@v8.0.16...v8.0.17

8.0.16

Release

What's Changed

Update branding to 8.0.16 by @vseanreesermsft in Update branding to 8.0.16 dotnet/aspnetcore#61283
[release/8.0] (deps): Bump src/submodules/googletest from 24a9e94 to 52204f7 by @dependabot in [release/8.0] (deps): Bump src/submodules/googletest from 24a9e94 to 52204f7 dotnet/aspnetcore#61260
[release/8.0] Update dependencies from dotnet/source-build-externals by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#61281
[release/8.0] Upgrade to Ubuntu 22 by @wtgodbe in [release/8.0] Upgrade to Ubuntu 22 dotnet/aspnetcore#61216
[release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#60901
[release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#60926
[release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#61404
Merging internal commits for release/8.0 by @vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#61398
[release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#61411
Revert "Revert "[release/8.0] Update remnants of azureedge.net"" by @wtgodbe in Revert "Revert "[release/8.0] Update remnants of azureedge.net"" dotnet/aspnetcore#60352
[release/8.0] Fix preserving messages for stateful reconnect with backplane by @BrennanConroy in [release/8.0] Fix preserving messages for stateful reconnect with backplane dotnet/aspnetcore#61375
[release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#61442
fetch TLS client hello message from HTTP.SYS by @BrennanConroy in fetch TLS client hello message from HTTP.SYS dotnet/aspnetcore#61494

Full Changelog: dotnet/aspnetcore@v8.0.15...v8.0.16

8.0.15

Release

What's Changed

[release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#60355
Update branding to 8.0.15 by @vseanreesermsft in Update branding to 8.0.15 dotnet/aspnetcore#60784
Add partitioned to cookie for SignalR browser testing by @BrennanConroy in Add partitioned to cookie for SignalR browser testing dotnet/aspnetcore#60728
[release/8.0] (deps): Bump src/submodules/googletest from e235eb3 to 24a9e94 by @dependabot in [release/8.0] (deps): Bump src/submodules/googletest from e235eb3 to 24a9e94 dotnet/aspnetcore#60677
Merging internal commits for release/8.0 by @vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#60879

Full Changelog: dotnet/aspnetcore@v8.0.14...v8.0.15

8.0.14

Release

What's Changed

Update branding to 8.0.14 by @vseanreesermsft in Update branding to 8.0.14 dotnet/aspnetcore#60197
[release/8.0] (deps): Bump src/submodules/googletest from 7d76a23 to e235eb3 by @dependabot in [release/8.0] (deps): Bump src/submodules/googletest from 7d76a23 to e235eb3 dotnet/aspnetcore#60150
[release/8.0] Fix java discovery in IdentityModel pipeline by @wtgodbe in [release/8.0] Fix java discovery in IdentityModel pipeline dotnet/aspnetcore#60075
[release/8.0] Update dependencies from dotnet/source-build-externals by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-externals dotnet/aspnetcore#60199
[release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#59922
[release/8.0] Readd DiagnosticSource to KestrelServerImpl by @github-actions in [release/8.0] Readd DiagnosticSource to KestrelServerImpl dotnet/aspnetcore#60203
[release/8.0] Update to MacOS 15 in Helix by @github-actions in [release/8.0] Update to MacOS 15 in Helix dotnet/aspnetcore#60239
[release/8.0] Use the latest available JDK by @wtgodbe in [release/8.0] Use the latest available JDK dotnet/aspnetcore#60233
[release/8.0] Fix skip condition for java tests by @github-actions in [release/8.0] Fix skip condition for java tests dotnet/aspnetcore#60243
[release/8.0] Update list of helix queues to skip by @wtgodbe in [release/8.0] Update list of helix queues to skip dotnet/aspnetcore#60231
[release/8.0] [Blazor] Allow cascading value subscribers to get added and removed during change notification by @github-actions in [release/8.0] [Blazor] Allow cascading value subscribers to get added and removed during change notification dotnet/aspnetcore#57288
[release/8.0] Update remnants of azureedge.net by @sebastienros in [release/8.0] Update remnants of azureedge.net dotnet/aspnetcore#60264
[release/8.0] Centralize on one docker container by @wtgodbe in [release/8.0] Centralize on one docker container dotnet/aspnetcore#60299
Revert "[release/8.0] Update remnants of azureedge.net" by @wtgodbe in Revert "[release/8.0] Update remnants of azureedge.net" dotnet/aspnetcore#60324
Merging internal commits for release/8.0 by @vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#60316

Full Changelog: dotnet/aspnetcore@v8.0.13...v8.0.14

Commits viewable in compare view.

Updated Microsoft.AspNetCore.OpenApi from 8.0.20 to 8.0.22.

Release notes

Sourced from Microsoft.AspNetCore.OpenApi's releases.

8.0.22

Release

What's Changed

Update branding to 8.0.22 by @vseanreesermsft in Update branding to 8.0.22 dotnet/aspnetcore#63949
[release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/arcade dotnet/aspnetcore#63664
[release/8.0] (http2): Lower WINDOWS_UPDATE received on (half)closed stream to stream abortion by @DeagleGross in [release/8.0] (http2): Lower WINDOWS_UPDATE received on (half)closed stream to stream abortion dotnet/aspnetcore#63903
[release/8.0] (deps): Bump src/submodules/googletest from eb2d85e to 9706f75 by @dependabot[bot] in [release/8.0] (deps): Bump src/submodules/googletest from eb2d85e to 9706f75 dotnet/aspnetcore#63893
[release/8.0] Fixed devtools url used for debug with chrome and edge by @github-actions[bot] in [release/8.0] Fixed devtools url used for debug with chrome and edge dotnet/aspnetcore#62080
[release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#63665
[release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#63957
Merging internal commits for release/8.0 by @vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#64035
Mark productVersion.txt as shipping artifact in 8.0 by @Copilot in Mark productVersion.txt as shipping artifact in 8.0 dotnet/aspnetcore#64067
Revert log level severity for unknown proxy in ForwardedHeadersMiddleware by @BrennanConroy in Revert log level severity for unknown proxy in ForwardedHeadersMiddleware dotnet/aspnetcore#64090

Full Changelog: dotnet/aspnetcore@v8.0.21...v8.0.22

8.0.21

Release

What's Changed

Update branding to 8.0.21 by @vseanreesermsft in Update branding to 8.0.21 dotnet/aspnetcore#63509
[release/8.0] (deps): Bump src/submodules/googletest from 373af2e to eb2d85e by @dependabot[bot] in [release/8.0] (deps): Bump src/submodules/googletest from 373af2e to eb2d85e dotnet/aspnetcore#63500
[release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key by @github-actions[bot] in [release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key dotnet/aspnetcore#63250
[release/8.0] Extend Unofficial 1ES template in IdentityModel nightly tests job by @github-actions[bot] in [release/8.0] Extend Unofficial 1ES template in IdentityModel nightly tests job dotnet/aspnetcore#63466
[release/8.0] Quarantine ResponseBody_WriteContentLength_PassedThrough by @github-actions[bot] in [release/8.0] Quarantine ResponseBody_WriteContentLength_PassedThrough dotnet/aspnetcore#63534
[release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro[bot] in [release/8.0] Update dependencies from dotnet/source-build-reference-packages dotnet/aspnetcore#63261
[release/8.0] Use wait assert in flaky tests by @ilonatommy in [release/8.0] Use wait assert in flaky tests dotnet/aspnetcore#63565
[release/8.0] Update Microsoft.Build versions by @github-actions[bot] in [release/8.0] Update Microsoft.Build versions dotnet/aspnetcore#62507
Merging internal commits for release/8.0 by @vseanreesermsft in Merging internal commits for release/8.0 dotnet/aspnetcore#63603
backport(8.0): Fix runtime architecture detection logic in ANCM by @DeagleGross in backport(8.0): Fix runtime architecture detection logic in ANCM dotnet/aspnetcore#63706

Full Changelog: dotnet/aspnetcore@v8.0.20...v8.0.21

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 17.13.0 to 17.14.1.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

17.14.1 What's Changed

Error on unsupported target frameworks to prevent silently not running tests by @nohwnd in Warning on unsupported tfms microsoft/vstest#15072 and Make the warning error, and restore previous props so we attempt to run microsoft/vstest#15078
Revert writing additional properties to TRX by @nohwnd in microsoft/vstest@47eb51b

Full Changelog: microsoft/vstest@v17.14.0...v17.14.1

17.14.0 What's Changed

.NET versions updated

This version of VS Test upgraded .NET to net8 and net9. All projects targeting net6.0 (or other end-of-life .NET target frameworks) should pin their version of Microsoft.NET.Test.SDK to 17.13.0, or update the projects to net8 or newer. We remain backwards compatible with previous versions of Microsoft.NET.Test.SDK. This change does NOT prevent you from:

Updating to the latest VS, and running tests from net6.0 test projects.
Updating to the latest .NET SDK, and running tests from net6.0 test projects.

It also has no impact on .NET Framework projects, where we continue targeting .NET Framework 4.6.2.

Drop unsupported frameworks by @nohwnd in Drop unsupported frameworks microsoft/vstest#10565

Changes

Adding Process Query Flag For UWP .NET 9 Support by @adstep in Adding Process Query Flag For UWP .NET 9 Support microsoft/vstest#15003
Fix builds on WinUI and UWP .NET 9 projects by @Sergio0694 in Fix builds on WinUI and UWP .NET 9 projects microsoft/vstest#15004
don't report communication error on discovery abort by @nohwnd in don't report communication error on discovery abort microsoft/vstest#14992
Add dump minitool to vsix by @nohwnd in Add dump minitool to vsix microsoft/vstest#14707
Make test runners long-path aware (#5179) by @peetw in Make test runners long-path aware (#5179) microsoft/vstest#15014
Fix trace in DataCollectionRequestSender.cs by @stan-sz in Fix trace in DataCollectionRequestSender.cs microsoft/vstest#15025
Fix/readme grammar parallelism by @dellch in Fix/readme grammar parallelism microsoft/vstest#15030
Add binding redirects by @nohwnd in Add binding redirects microsoft/vstest#15041
Write props of tests into trx by @nohwnd in Write props of tests into trx microsoft/vstest#14905

Internal version updates and fixes

Update io.redist by @nohwnd in Update io.redist microsoft/vstest#13872
Use preview image for public build by @nohwnd in Use preview image for public build microsoft/vstest#13888
Remove xcopy-msbuild by @nohwnd in Remove xcopy-msbuild microsoft/vstest#14138
Move to macos14 by @nohwnd in Move to macos14 microsoft/vstest#14137
Update diagnose.md by @nohwnd in Update diagnose.md microsoft/vstest#14776
hash with sha2 for mutex lock by @nohwnd in hash with sha2 for mutex lock microsoft/vstest#14777
Update test projects for vmr by @nohwnd in Update test projects for vmr microsoft/vstest#14894
17.14 branding by @nohwnd in 17.14 branding microsoft/vstest#14903
Update filter.md for NUnit by @OsirisTerje in Update filter.md for NUnit microsoft/vstest#14987
Flag netstandard1.x dependencies in source-build by @ViktorHofer in Flag netstandard1.x dependencies in source-build microsoft/vstest#14986
Use VS dependencies versions from release VS to have archived symbols by @nohwnd in Use VS dependencies versions from release VS to have archived symbols microsoft/vstest#14991
Remove extra ; by @nohwnd in Remove extra ; microsoft/vstest#14995
Use dependencymodel 6.0.2 by @nohwnd in Use dependencymodel 6.0.2 microsoft/vstest#14996
Make Testhost packable only on Windows by @mmitche in Make Testhost packable only on Windows microsoft/vstest#15001
Add system text json to vsix by @nohwnd in Add system text json to vsix microsoft/vstest#15034
Add more files to vsix by @nohwnd in Add more files to vsix microsoft/vstest#15038
Remove unnecessary CA2022 suppressions by @Winniexu01 in Remove unnecessary CA2022 suppressions microsoft/vstest#15035
Update package project url by @mmitche in Update package project url microsoft/vstest#15040

New Contributors

@OsirisTerje made their first contribution in Update filter.md for NUnit microsoft/vstest#14987
@adstep made their first contribution in Adding Process Query Flag For UWP .NET 9 Support microsoft/vstest#15003
... (truncated)

17.14.0-preview-25107-01

What's Changed

.NET versions updated

This version of VS Test upgraded .NET to net8 and net9. All projects targeting net6.0 (or other end-of-life .NET target frameworks) should pin their version of Microsoft.NET.Test.SDK to 17.13.0, or update the projects to net8 or newer. We remain backwards compatible with previous versions of Microsoft.NET.Test.SDK. This change does NOT prevent you from:

Updating to the latest VS, and running tests from net6.0 test projects.
Updating to the latest .NET SDK, and running tests from net6.0 test projects.

It also has no impact on .NET Framework projects, where we continue targeting .NET Framework 4.6.2.

Drop unsupported frameworks by @nohwnd in Drop unsupported frameworks microsoft/vstest#10565

New Contributors

@OsirisTerje made their first contribution in Update filter.md for NUnit microsoft/vstest#14987
@adstep made their first contribution in Adding Process Query Flag For UWP .NET 9 Support microsoft/vstest#15003
@Sergio0694 made their first contribution in Fix builds on WinUI and UWP .NET 9 projects microsoft/vstest#15004

Full Changelog: microsoft/vstest@v17.13.0...v17.14.0-preview-25107-01

Commits viewable in compare view.

Updated Newtonsoft.Json from 13.0.3 to 13.0.4.

Release notes

Sourced from Newtonsoft.Json's releases.

13.0.4

New feature - Annotated for trim/AOT (in)compatibility
New feature - Added support for using Index with JArray
Change - Avoid LINQ expression trees in .NET 6+ reflection
Fix - Fixed handling of empty constructor names
Fix - Fixed XML convert duplicate attribute error on nested arrays with writeArrayAttribute set to true
Fix - Fixed XML convert array attribute is not set for properties with special characters
Fix - Fixed TimeOnly deserialization to support more formats

Commits viewable in compare view.

Updated Npgsql from 9.0.3 to 9.0.4.

Release notes

Sourced from Npgsql's releases.

9.0.4

v9.0.4 contains several minor bug fixes.

Milestone issues

Full Changelog: npgsql/npgsql@v9.0.3...v9.0.4

Commits viewable in compare view.

Updated Roslynator.Analyzers from 4.14.0 to 4.15.0.

Release notes

Sourced from Roslynator.Analyzers's releases.

4.15.0

Added

Add option roslynator_null_conditional_operator.avoid_negative_boolean_comparison (PR)
- Do not suggest to use null-conditional operator when result would be ... != true/false
- Applicable for RCS1146

Fixed

Fix analyzer RCS1172 (PR)
[CLI] Fix loc command (PR)
Exclude ref-field backed properties from RCS1085 (PR by @ovska)
[CLI] Fix rename-symbol scope option not being applied correctly (PR by @andrtmschkw)
[CLI] Fix rename-symbol support for top-level statement (PR by @andrtmschkw)

Changed

Migrate to .NET 10 (including command-line tool) (PR)

4.14.1

Added

[CLI] Add support for slnx files (PR by @darthtrevino)
- Bump Roslyn to 4.14.0
- Drop support for .NET 7 SDK

Fixed

Fix analyzer RCS1246 (PR)
Fix analyzer RCS1248 (PR)
Fix analyzer RCS1203 (PR)
Fix analyzer RCS1043 (PR)
Fix analyzer RCS1213 (PR)
- Add unity method OnRectTransformDimensionsChange
Fix analyzer RCS1253 (PR)
Fix refactoring Check expression for null (PR)

Changed

Change behavior of analyzer RCS1206 (PR)
- The condition for option omit_when_single_line will be that the braces/brackets are on the same line, not just the expression in the braces/brackets

Commits viewable in compare view.

Updated Roslynator.CodeFixes from 4.14.0 to 4.15.0.

Release notes

Sourced from Roslynator.CodeFixes's releases.

4.15.0

Added

Add option roslynator_null_conditional_operator.avoid_negative_boolean_comparison (PR)
- Do not suggest to use null-conditional operator when result would be ... != true/false
- Applicable for RCS1146

Fixed

Fix analyzer RCS1172 (PR)
[CLI] Fix loc command (PR)
Exclude ref-field backed properties from RCS1085 (PR by @ovska)
[CLI] Fix rename-symbol scope option not being applied correctly (PR by @andrtmschkw)
[CLI] Fix rename-symbol support for top-level statement (PR by @andrtmschkw)

Changed

Migrate to .NET 10 (including command-line tool) (PR)

4.14.1

Added

[CLI] Add support for slnx files (PR by @darthtrevino)
- Bump Roslyn to 4.14.0
- Drop support for .NET 7 SDK

Fixed

Fix analyzer RCS1246 (PR)
Fix analyzer RCS1248 (PR)
Fix analyzer RCS1203 (PR)
Fix analyzer RCS1043 (PR)
Fix analyzer RCS1213 (PR)
- Add unity method OnRectTransformDimensionsChange
Fix analyzer RCS1253 (PR)
Fix refactoring Check expression for null (PR)

Changed

Change behavior of analyzer RCS1206 (PR)
- The condition for option omit_when_single_line will be that the braces/brackets are on the same line, not just the expression in the braces/brackets

Commits viewable in compare view.

Updated Swashbuckle.AspNetCore from 7.2.0 to 7.3.2.

Release notes

Sourced from Swashbuckle.AspNetCore's releases.

7.3.2 What's Changed

Fix humanize for multiline code and <para> tags by @EvgeniyZ in fix humanize for multiline code and <para> tag domaindrivendev/Swashbuckle.AspNetCore#3295
Fix DescribeAllParametersInCamelCase usage for parameters by @maksim-sovkov in Fix DescribeAllParametersInCamelCase usage in GenerateOpenApiOperationFromMetadataAsync domaindrivendev/Swashbuckle.AspNetCore#3309

New Contributors

@maksim-sovkov made their first contribution in Fix DescribeAllParametersInCamelCase usage in GenerateOpenApiOperationFromMetadataAsync domaindrivendev/Swashbuckle.AspNetCore#3309

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.3.1...v7.3.2

7.3.1 What's Changed

Fix for ApiDescriptionProvider throws NRE by @EvgeniyZ in Fix for ApiDescriptionProvider throws NRE domaindrivendev/Swashbuckle.AspNetCore#3280
Bump swagger-ui-dist from 5.19.0 to 5.20.0 by @dependabot in Bump swagger-ui-dist from 5.19.0 to 5.20.0 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3279

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.3.0...v7.3.1

7.3.0 What's Changed

Add CreateFromJson options overload by @martincostello in Add CreateFromJson options overload domaindrivendev/Swashbuckle.AspNetCore#3218
Stop testing with .NET 6 by @martincostello in Stop testing with .NET 6 domaindrivendev/Swashbuckle.AspNetCore#3219
Replace IdentityServer4 with Duende.IdentityServer (#3008) by @pseudometalhead in Replace IdentityServer4 with Duende.IdentityServer (#3008) domaindrivendev/Swashbuckle.AspNetCore#3184
Fix JWT version for .NET 9 by @Saibamen in Fix #3184 - fix JWT version for .NET 9 domaindrivendev/Swashbuckle.AspNetCore#3227
Adjust readme for issue #1014 by @EvgeniyZ in adjust readme for #1014 issue domaindrivendev/Swashbuckle.AspNetCore#3233
Humanize multiline para tag by @EvgeniyZ in Humanize multiline para tag domaindrivendev/Swashbuckle.AspNetCore#3234
Humanize multi line code tag by @EvgeniyZ in Humanize multi line code tag domaindrivendev/Swashbuckle.AspNetCore#3239
Fix JsonSerializerDataContractResolver so that it handles jagged arrays correctly by @ozziepeeps in Fix JsonSerializerDataContractResolver so that it handles square arrays correctly domaindrivendev/Swashbuckle.AspNetCore#3245
Use DeepObject parameter style for dictionary by @EvgeniyZ in Use DeepObject parameter style for dictionary domaindrivendev/Swashbuckle.AspNetCore#3241
Remove MvcOptions from SchemaGenerator by @EvgeniyZ in Remove MvcOptions from SchemaGenerator domaindrivendev/Swashbuckle.AspNetCore#3242
Optional EOL for XML comments (#2947) by @RainDance74 in Optional EOL for XmlComments (#2947) domaindrivendev/Swashbuckle.AspNetCore#3255
Add support for listing available OpenAPI documents by @rassilon in Add support for listing available OpenAPI documents domaindrivendev/Swashbuckle.AspNetCore#3263
Bump swagger-ui-dist from 5.18.3 to 5.19.0 by @dependabot in Bump swagger-ui-dist from 5.18.3 to 5.19.0 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3266

New Contributors

@pseudometalhead made their first contribution in Replace IdentityServer4 with Duende.IdentityServer (#3008) domaindrivendev/Swashbuckle.AspNetCore#3184
@RainDance74 made their first contribution in Optional EOL for XmlComments (#2947) domaindrivendev/Swashbuckle.AspNetCore#3255
@rassilon made their first contribution in Add support for listing available OpenAPI documents domaindrivendev/Swashbuckle.AspNetCore#3263

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.2.0...v7.3.0

Commits viewable in compare view.

Updated System.IdentityModel.Tokens.Jwt from 8.14.0 to 8.15.0.

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

8.15.0 New Features

Add ECDsa support in X509SecurityKey and JsonWebKeyConverter.ConvertFromX509SecurityKey
Extended X509SecurityKey and JsonWebKeyConverter.ConvertFromX509SecurityKey to support ECDSA keys.
See PR #2377 for details.

Bug Fixes

Sanitize logs to avoid leaking sensitive data
Updated logging to sanitize sensitive values, reducing the risk of inadvertently exposing secrets or PII in logs.
See PR #3316 for details.
Optimize log sanitization with SearchValues
Improved the performance of the log sanitization logic introduced earlier by using SearchValues, making sanitization more efficient in high-throughput scenarios.
See PR #3341 for details.
Update test for IDX10400
Adjusted the IDX10400 test to align with the current behavior and error messaging.
See PR #3314 for details.

Fundamentals

Add supported algorithm tests
Added new tests to validate the set of supported cryptographic algorithms, increasing confidence in algorithm coverage and compatibility.
See PR #3296 for details.
Migrate repository agent rules from .clinerules to agents.md
Moved repository agent/AI-assist rules into markdown documentation to make them more visible and easier to maintain.
See PR #3313 for details.
Migrate Microsoft.IdentityModel.TestExtensions from Newtonsoft.Json to System.Text.Json
Updated Microsoft.IdentityModel.TestExtensions to use System.Text.Json instead of Newtonsoft.Json, aligning tests with the runtime serialization stack.
See PR #3356 for details.
Disable code coverage comments
Turned off automated code coverage comments on PRs to reduce noise while retaining coverage data elsewhere.
See PR #3349 for details.
Fix CodeQL alerts
Addressed CodeQL-reported issues to improve security posture and static analysis cleanliness.
See PR #3364 for details.

.NET 10 / SDK and tooling updates

Building with .NET 10 preview / RC 1
Updated the repository to build and test against .NET 10.0 preview/RC1, ensuring early compatibility with the upcoming runtime.
See PRs #3287, #3357, and #3358 for details.
Fix .NET 10 test execution consistency
Ensured consistent use of the TargetNetNext parameter across build, test, and pack phases so .NET 10.0 tests execute reliably.
See PR #3337 for details.
Update project files and workflows for .NET 10.0 compatibility
Adjusted project files and CI workflows to correctly target and run on .NET 10.0, including test and pack scenarios.
See PR #3363 for details.
Update .NET version to meet CG compliance
Updated the .NET version references to be compliant with corporate governance (CG) requirements.
See PR #3353 for details.
Update Coverlet collector and test SDK
- Bumped CoverletCollectorVersion to 6.0.4.
  See PR #3333 for details.
- Upgraded Microsoft.NET.Test.Sdk to a newer version for improved test reliability and tooling support.
  ... (truncated)

Commits viewable in compare view.

Updated xunit.runner.visualstudio from 3.0.2 to 3.1.5.

Release notes

Sourced from xunit.runner.visualstudio's releases.

No release notes found for this version range.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps CsvHelper from 33.0.1 to 33.1.0 Bumps linq2db.AspNet from 5.4.1 to 5.4.1.9 Bumps Microsoft.AspNetCore.Authentication.JwtBearer from 8.0.20 to 8.0.22 Bumps Microsoft.AspNetCore.Mvc.Testing from 8.0.13 to 8.0.22 Bumps Microsoft.AspNetCore.OpenApi from 8.0.20 to 8.0.22 Bumps Microsoft.NET.Test.Sdk from 17.13.0 to 17.14.1 Bumps Newtonsoft.Json from 13.0.3 to 13.0.4 Bumps Npgsql from 9.0.3 to 9.0.4 Bumps Roslynator.Analyzers from 4.14.0 to 4.15.0 Bumps Roslynator.CodeFixes from 4.14.0 to 4.15.0 Bumps Swashbuckle.AspNetCore from 7.2.0 to 7.3.2 Bumps System.IdentityModel.Tokens.Jwt from 8.14.0 to 8.15.0 Bumps xunit.runner.visualstudio from 3.0.2 to 3.1.5 --- updated-dependencies: - dependency-name: CsvHelper dependency-version: 33.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-major-versions - dependency-name: linq2db.AspNet dependency-version: 5.4.1.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: non-major-versions - dependency-name: Microsoft.AspNetCore.Authentication.JwtBearer dependency-version: 8.0.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: non-major-versions - dependency-name: Microsoft.AspNetCore.Mvc.Testing dependency-version: 8.0.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: non-major-versions - dependency-name: Microsoft.AspNetCore.OpenApi dependency-version: 8.0.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: non-major-versions - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 17.14.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-major-versions - dependency-name: Newtonsoft.Json dependency-version: 13.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: non-major-versions - dependency-name: Npgsql dependency-version: 9.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: non-major-versions - dependency-name: Roslynator.Analyzers dependency-version: 4.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-major-versions - dependency-name: Roslynator.CodeFixes dependency-version: 4.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-major-versions - dependency-name: Swashbuckle.AspNetCore dependency-version: 7.3.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-major-versions - dependency-name: System.IdentityModel.Tokens.Jwt dependency-version: 8.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-major-versions - dependency-name: xunit.runner.visualstudio dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-major-versions ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels Dec 15, 2025

dependabot bot mentioned this pull request Dec 15, 2025

Bump CsvHelper and 9 others #275

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the non-major-versions group with 13 updates #276

Bump the non-major-versions group with 13 updates #276

Uh oh!

dependabot bot commented on behalf of github Dec 15, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Bump the non-major-versions group with 13 updates #276

Are you sure you want to change the base?

Bump the non-major-versions group with 13 updates #276

Uh oh!

Conversation

dependabot bot commented on behalf of github Dec 15, 2025

8.0.22

What's Changed

8.0.21

What's Changed

8.0.22

What's Changed

8.0.21

What's Changed

8.0.20

What's Changed

8.0.18

What's Changed

8.0.17

Bug Fixes

Dependency Updates

Miscellaneous

8.0.16

What's Changed

8.0.15

What's Changed

8.0.14

What's Changed

8.0.22

What's Changed

8.0.21

What's Changed

17.14.1

What's Changed

17.14.0

What's Changed

.NET versions updated

Changes

Internal version updates and fixes

New Contributors

17.14.0-preview-25107-01

What's Changed

.NET versions updated

Changes

Internal version updates and fixes

Will probably revert before release:

New Contributors

13.0.4

9.0.4

4.15.0

Added

Fixed

Changed

4.14.1

Added

Fixed

Changed

4.15.0

Added

Fixed

Changed

4.14.1

Added

Fixed

Changed

7.3.2

What's Changed

New Contributors

7.3.1

What's Changed

7.3.0

What's Changed

New Contributors

8.15.0

New Features

Bug Fixes

Fundamentals

.NET 10 / SDK and tooling updates

Uh oh!

Reviewers